# ==============================================
# MTK Policy Rule
# ============
# Vendor additions for the radio domain. Every allow rule below widens what
# radio may access, so each grant should trace back to a specific denial and
# stay as narrow as that denial requires.

# getattr on the custom_file directory. The wk14.40 rule further down in this
# file grants { search getattr open read } on the same class, which already
# includes this permission.
allow radio custom_file:dir getattr;
# Disabled: violates a neverallow rule. `device` is the generic label for
# unlabeled /dev nodes; give the node a dedicated type instead of re-enabling.
#allow radio device:chr_file { read write ioctl open getattr };
# Binder call into dm_agent_binder; no transfer permission is granted.
allow radio dm_agent_binder:binder call;
# write on a sock_file is one half of connecting to a unix socket. The other
# half (connectto on the listening domain) is granted separately in this file.
allow radio rild2_socket:sock_file write;
allow radio rild3_socket:sock_file write;
allow radio rild4_socket:sock_file write;
allow radio rild_via_socket:sock_file write;
allow radio rild_md2_socket:sock_file write;
# radio may create and write files under sdcard_internal. No unlink or
# remove_name is granted, so these rules alone do not allow deleting them.
# NOTE(review): shared storage is typically readable by other apps - confirm
# nothing subscriber- or modem-sensitive is written here.
allow radio sdcard_internal:dir { write create add_name };
allow radio sdcard_internal:file { read write getattr open create };
# Disabled: violates a neverallow rule.
#allow radio sysfs:file write;
# Disabled: violates a neverallow rule.
#allow radio system_data_file:file append;
# Only getopt/getattr on zygote's stream socket; no read, write or connectto.
allow radio zygote:unix_stream_socket { getopt getattr };
# Date : WK14.36
# Operation : Migration
# Purpose : for mtkrild and viarild
# connectto lets radio open stream connections to sockets listened on by these
# three domains. It is only useful together with write on the matching
# sock_file type, which is granted elsewhere in this file.
allow radio mtkrild:unix_stream_socket connectto;
allow radio mtkrildmd2:unix_stream_socket connectto;
allow radio statusd:unix_stream_socket connectto;
# Date : WK14.38 2014/09/16
# Operation : Migration
# Purpose : for engineermode
# NOTE(review): none of these engineer-mode grants is wrapped in
# userdebug_or_eng(), so they also apply on user builds. Confirm that is
# intended; diagnostic access to raw devices and property setting is normally
# limited to engineering images.
allow radio mediatek_prop:property_service set;
allow radio em_svr:unix_stream_socket connectto;
# Direct character-device access (OTG test, GPIO, stpbt, stpant). These bypass
# any mediating service, so the device drivers become reachable from the
# radio domain.
allow radio mt_otg_test_device:chr_file { read write ioctl open };
allow radio mtgpio_device:chr_file { read ioctl open };
allow radio platformblk_device:dir search;
allow radio stpbt_device:chr_file { read write open };
allow radio stpant_device:chr_file { read write open };
allow radio bt_int_adp_socket:sock_file write;
allow radio mtkbt:unix_dgram_socket sendto;
allow radio guiext-server:binder { transfer call };
allow radio persist_ril_prop:property_service set;
# NOTE(review): mt6605_device sits next to the nfc_socket rules; presumably
# the NFC controller node - confirm.
allow radio mt6605_device:chr_file { read write ioctl open getattr };
# radio may create, re-attribute and remove socket files inside the
# nfc_socket directory, not just connect to existing ones.
allow radio nfc_socket:dir { write add_name remove_name search };
allow radio nfc_socket:sock_file { create write unlink setattr };
# NOTE(review): system_prop is a broad label; this lets radio set every
# property carrying it. Prefer a dedicated property type for the keys that
# engineer mode actually needs.
allow radio system_prop:property_service set;
# Date: wk14.40
# Operation : SQC
# Purpose : [ALPS01756200] wwop boot up fail
# Read-only access to custom_file: list/traverse the directory and read the
# files in it. No write, create or execute permission is granted.
allow radio custom_file:dir { search getattr open read };
allow radio custom_file:file { read open getattr};
# C2K System Property
# Lets radio set properties labeled cdma_prop.
allow radio cdma_prop:property_service set;
# unix_socket_connect(client, name, server) is the AOSP te_macros helper that
# expands to write on <name>_socket:sock_file plus connectto on the server
# domain's unix_stream_socket. It grants connect-only access.
# Date : 2014/10/13
# Operation : IT
# Purpose : mtk_agpsd establishes the local socket as agpsd for all A-GPS
# application to do something with mtk_agpsd
unix_socket_connect(radio, agpsd, mtk_agpsd)
# Date : 2014/10/14
# Operation : IT
# Purpose : for IMSA connect to volte_imsa1 provided by imcb process
unix_socket_connect(radio, volte_imsa1, volte_imcb)
# Date : 2014/10/16
# Operation : IT
# Purpose : for TTLIA apk connect to rild_atci by mtkrild process
# Only the sock_file half is granted here; the connectto on mtkrild comes from
# the WK14.36 rule earlier in this file.
# NOTE(review): the socket name suggests an AT-command interface; confirm the
# listener authenticates its callers, since SELinux only gates by domain.
allow radio rild_atci_socket:sock_file write;
# Date : 2014/10/17
# Operation : IT
# Purpose : Talks to ril-3gddaemon via the rild-dongle socket.
unix_socket_connect(radio, rild-dongle, ril-3gddaemon)
# Date : 2014/10/20
# Operation : IT
# Purpose : enable ATCId in engineer mode.
# NOTE(review): the ctl_* names look like init control-property labels; if so,
# radio can start and stop the ATCI daemons by setting them. These rules are
# unconditional - confirm whether they should be limited to userdebug/eng
# builds, given the stated engineer-mode purpose.
allow radio ctl_atcid-daemon-u_prop:property_service set;
allow radio ctl_atci_service_prop:property_service set;
allow radio persist_service_atci_prop:property_service set;
# Date : 2014/11/05
# Operation : IT
# Purpose : for IMS_RILA connect to rild_ims provided by mtkrild process
unix_socket_connect(radio, rild_ims, mtkrild)
# Purpose : allow to access kpd driver file
# NOTE(review): `write` on the dir class is unusual for sysfs, and `search`
# (needed to traverse the directory) is not granted by this rule. Check the
# rule against the actual denials; the file rule below may be all that is
# needed once search is available.
allow radio sysfs_keypad_file:dir { open write };
allow radio sysfs_keypad_file:file { open write };
# Date : 2014/12/13
# Operation : IT
# Purpose : for bluetooth relayer mode
# Directory traversal only on block_device; no access to block nodes is given.
allow radio block_device:dir search;
allow radio ttyGS_device:chr_file { open read write ioctl };
# Date : 2014/12/26
# Operation : IT
# Purpose : for engineermode sensor can work normal
allow radio als_ps_device:chr_file { read open ioctl };
# Date : 2015/01/20
# Operation : IT
# Purpose : for engineermode Usb PHY Tuning
# NOTE(review): `debugfs` is the generic debugfs label, so this read grant
# covers every debugfs file without a more specific type, not only the USB PHY
# node. Label that node with its own type and grant read on that instead.
allow radio debugfs:file { read getattr };
# Date : 2015/01/21
# Operation : IT
# Purpose : C2K rild
allow radio rild_atci_md2_socket:sock_file write;
allow radio rild_atci_c2k_socket:sock_file write;
# Date : WK15.05 2015/01/26
# Operation : IT
# Purpose : for engineermode camera
# NOTE(review): lets radio set every property labeled debug_prop. The grant is
# unconditional although the purpose is engineer mode - confirm scope.
allow radio debug_prop:property_service set;
# Date : 2015/04/11
# Operation : VT development
# Purpose : for VT usage
allow radio vtservice:binder call;
allow radio vtservice:binder transfer;
# The remaining rules have vtservice, not radio, as the source domain.
# NOTE(review): consider moving them to the vtservice policy file so that the
# domain's full permission set can be audited in one place.
# NOTE(review): dac_override lets vtservice bypass Unix file-permission
# checks. This is usually a sign of wrong file ownership or mode; fix that on
# the files vtservice needs rather than granting the capability.
allow vtservice self:capability dac_override;
allow vtservice soc_vt_svc_socket:sock_file write;
allow vtservice soc_vt_tcv_socket:sock_file write;
allow vtservice platform_app:binder call;
allow vtservice system_server:binder call;
# NOTE(review): dir write without add_name/remove_name/search does not allow
# creating or removing entries on its own; verify against the actual denial.
allow vtservice fuse:dir write;
allow vtservice surfaceflinger:fd use;
allow vtservice tmpfs:lnk_file read;